7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
gopherd, a gopher server from the University of Minnesota, contains a
number of buffer overflows which could be exploited by a remote
attacker to execute arbitrary code with the privileges of the gopherd
process (the “gopher” user by default).
For the stable distribution (woody) this problem has been fixed in
version 3.0.3woody1.
This program has been removed from the unstable distribution (sid).
gopherd is deprecated, and users are recommended to use PyGopherd instead.
We recommend that you update your gopherd package.